<?php
require './script/mysqlconfig.php';
session_start();

// 处理表单提交事件
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // 获取用户输入的用户名和密码
    $username = $_POST['username'];
    $password = $_POST['password'];

    $conn = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
    if($conn->connect_error){
        die("数据库连接错误：". $conn->connect_error);
    }
    //判断用户是否点击了登录按钮
    if(isset($_POST["login"])){
        $sql = "SELECT * FROM users WHERE name='$username'";
        $res =$conn->query($sql)->fetch_assoc();
        /**登录验证 */
        if($res){
            if(password_verify($password,$res['password'])){
                echo "登录成功！";
                $_SESSION['userid'] = $res['id'];
                $_SESSION['username'] = $res['username'];
                $_SESSION['usergroup'] = $res['group'];
                $_SESSION['role'] = $res['role'];
                // 重定向用户到主页
//                header('Location: ../admin/admin.php');
                $role = $_SESSION['role'];
                // 根据用户权限等级重定向到不同的页面
                if ($role == 'admin') {
                    header('Location: ./admin/admin.php');
                } else {
                    header('Location: ./users/user.php');
                }
                exit();
            } else {
                // 匹配失败，弹窗显示错误消息
                echo "<script>alert('用户名或密码错误!');history.go(-1);</script>";
            }
        }else{
            echo "<script>alert('请输入账号密码进行登录!');history.go(-1);</script>";
        }
    }
    //关闭数据库连接
    $conn->close();
}
?>

<!-- 登录页面表单 -->
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>登录</title>
    <style>
        form{
            max-width: 400px;
            height: 300px;
            background-color: rgba(247, 247, 247, 0.7);
            /*border: 1 solid #E4E4E4;*/
            margin: 100px auto;
            color: black;
            border-radius: 5px;
            padding: 25px 45px;
        }
        body{
            background-repeat: no-repeat;
            background-image: url(photo/login.jpg);
            background-size: 100%;
        }
        div{
            width: 100%;
            height: 35px;
            line-height: 35px;
            margin-top: 50px;
            position: relative;
        }
        input{
            position: absolute;
            right: 80px;
            width: 60%;
            height: 25px;
            line-height: 25px;
            border: 1px solid #DADADA;
            color: #888;
            outline: none;
            font-size: 12px;
            padding: 3px 3px 3px 5px;
            box-shadow: inset 0 1px 4px #ECECEC;
        }
        input[type="submit"]{
            width: 50%;
            height: 40px;
            line-height: 15px;
            font-size: 15px;
            background-color: dodgerblue;
            border: none;
            box-shadow: none;
            border-radius: 10px;
            color: #FFF;
            position: relative;
            top: 50px;
            left: 50%;
            transform: translateX(-50%);
        }
        input[type="submit"]:hover{
            cursor: pointer;                          /*手型*/
            /*background-color: dodgerblue;*/
        }
        a{
            width: 180px;
            display: block;
            margin: 80px auto;
        }
    </style>
</head>
<body>
<form action="" method="POST">
    <div>
        <label for="name">用户名：</label>
        <input type="text" id="name" name="username" placeholder="请输入用户名" required>
    </div>
    <div>
        <label for="pass">密 &nbsp;&nbsp;&nbsp; 码:</label>
        <input type="password" name="password" id="pass" placeholder="请输入密码" required>
    </div>
    <input type="submit" name="login" value="登录">
    <a href="users/register.php">还没有账号，注册一个</a>
</form>
</body>
</html>
